Tannenbaum Helpern Syracuse & Hirschtritt, LLP
About Us Careers Contact Us Search
Home Practice Areas Industries Case Results Attorneys Publications Events Press Room

Online Privacy For Children

While adults have little law in the United States to protect their privacy online, since 2000, children have the Children's Online Privacy Protection Act (COPPA). It's one of the few laws in the U.S. to protect privacy rights and it applies to children under the age of 13.

If you're a parent, you need to better understand how you can protect your kids online. If you're a business with a website, you need to comply or face large fines.

Moreover, if you think that your business can just wink at COPPA, think again. This year, the Federal Trade Commission (FTC) fined UMB Recordings, which operates several hundred music-related websites, $400,000. In 2003, Mrs. Fields Cookies paid civil penalties of $100,000 and Hershey Foods $85,000.

The first step in compliance is to determine if you direct your website at kids. According to the FTC, it will look to the "[s]ubject matter, visual or audio content, the age of the models on the site, language, whether advertising on the website is directed to children, information regarding the age of the actual or intended audience, and whether a site uses animated characters or other child-oriented features."

Parents should understand that COPPA protects information that makes your children individually identifiable including their full name, home address, email address, telephone number and any other information that would allow your child's identity to be compromised.

Compliance with COPPA starts with posting a Privacy Policy on your website. This is a document you're going to need a tech lawyer to write for you. It will include disclosure of things like the types of personal information you collect like name and address and how you will use the information. For example, you might say that you will never release the information to anyone. Alternatively, your privacy policy might say that you may provide private information to "carefully chosen partners."

I must say that whether it's a website geared to adults or children, I chuckle every time I see some phrase like "carefully chosen partners." You should know that a "carefully chosen partner" is a euphemism for any company that pays the asking price for your kid's private information with a check that clears the bank.

The hardest part in your compliance efforts will be getting parental consent for collecting private information. After all, using the Internet, it's really impossible to know if it's a parent giving you the consent or a child pretending to be a parent.

The standard for verifying that a parent is really a parent is lower if you're only going to use the private information internally. If that's the case, you can get away with an email from a parent although you really don't know that the email is from a parent and not from the kid. The law lets you wink at that reality.

However, if you intend to share a child's private information, you're going to need more meaningful parental consent like a faxed signature. This can be a tough requirement because the spontaneity of the Internet doesn't work well with some ten-year old getting mommy to fax a privacy consent to you. As a practical matter, COPPA may just preclude you from selling children's private information, which was probably Congress's point anyway.





Like us on FaceBook Follow us on Twitter Get LinkedIn with us Pin It! Email Us Print this Page

Sitemap | Terms of Use | Privacy | Attorney Advertising

Tannenbaum Helpern Syracuse & Hirschtritt LLP provides legal advice only to individuals or entities with which it has established an attorney-client relationship and such advice is based on the particular facts and circumstances of each matter. Contacting us through this site, or otherwise, will not establish an attorney-client relationship with us. Any e-mail or other communication sent to THSH or its lawyers through this site will not be treated as subject to the attorney-client privilege or as otherwise confidential and you should not include any confidential information in any such communication.